>> Would you really want to build an SPF or DKIM parser into every DNS >> server? Here's another thought experiment. DKIM records are a sequence of tag=value fields. Let's imagine a binary version of DKIM records where each field is a length byte, a tag byte, and a suitably coded value. For the values that are currently strings, it's the string, for the values that are currently base64, it's the binary value. Since DNS TXT records are a sequence of binary strings each preceded by a length byte, we could just stuff this version of DKIM directly into a TXT record, with the first binary string being "v=DKIM2". Would that be a good idea? DNS servers can serve the records without adding any new features, the records will be marginally faster to parse. Would that be a good idea? Why or why not? Assume we wave our hands and we have some way to create the records, hacks in provisioning systems, or a wizard web site into which you type your parameters and it gives you a TXT master file record full of hex escapes. Or wave them even more vigorously and assume the parser is built into some future version of BIND. R's, John _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf